{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5194", "assignerOrgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27", "state": "PUBLISHED", "assignerShortName": "wolfSSL", "dateReserved": "2026-03-30T22:13:40.162Z", "datePublished": "2026-04-09T19:30:24.095Z", "dateUpdated": "2026-04-09T19:30:24.095Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27", "shortName": "wolfSSL", "dateUpdated": "2026-04-09T19:30:24.095Z"}, "title": "wolfSSL ECDSA Certificate Verification", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "type": "CWE"}]}], "affected": [{"vendor": "wolfSSL", "product": "wolfSSL", "repo": "https://github.com/wolfSSL/wolfssl", "programFiles": ["wolfcrypt/src/asn.c", "wolfcrypt/src/ecc.c"], "versions": [{"status": "affected", "version": "3.12.0", "lessThan": "5.9.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication if the public CA key used is also known. This affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication if the public CA key used is also known. This affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled.</p>"}]}], "references": [{"url": "https://github.com/wolfSSL/wolfssl/pull/10131", "tags": ["patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subAvailabilityImpact": "LOW", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "RED", "version": "4.0", "baseSeverity": "CRITICAL", "baseScore": 9.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:L/SA:L/U:Red"}}], "credits": [{"lang": "en", "value": "Nicholas Carlini from Anthropic", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication if the public CA key used is also known. This affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled."}], "id": "CVE-2026-5194", "lastModified": "2026-04-09T20:16:28.420", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "RED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "facts@wolfssl.com", "type": "Secondary"}]}, "published": "2026-04-09T20:16:28.420", "references": [{"source": "facts@wolfssl.com", "url": "https://github.com/wolfSSL/wolfssl/pull/10131"}], "sourceIdentifier": "facts@wolfssl.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "facts@wolfssl.com", "type": "Secondary"}]}

{"bugzilla": {"description": "wolfSSL: wolfSSL: Reduced security of ECDSA authentication via missing digest size checks", "id": "2457041", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457041"}, "csaw": false, "cvss3": {"cvss3_base_score": "10.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", "status": "draft"}, "cwe": "CWE-295", "details": ["A flaw was found in wolfSSL. Missing hash/digest size and Object Identifier (OID) checks allow the acceptance of smaller, less secure digests during the verification of Elliptic Curve Digital Signature Algorithm (ECDSA) certificates. This could enable a remote attacker, with knowledge of the public Certificate Authority (CA) key, to weaken the security of ECDSA certificate-based authentication. The vulnerability affects ECDSA/ECC verification when EdDSA or ML-DSA are also enabled."], "name": "CVE-2026-5194", "package_state": [{"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Not affected", "package_name": "mariadb10.11/mariadb10.11", "product_name": "Red Hat Hardened Images"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Not affected", "package_name": "mariadb11.8/mariadb11.8", "product_name": "Red Hat Hardened Images"}], "public_date": "2026-04-09T19:30:24Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-5194\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-5194\nhttps://github.com/wolfSSL/wolfssl/pull/10131"], "statement": "This vulnerability doesn't affect any versions of MariaDB as shipped with Red Hat Products. For Red Hat products MariaDB is compiled and linked against the system's OpenSSL library instead of using the MariaDB's bundled WolfSSL library routines.", "threat_severity": "Critical"}

{}